Configuring Service API Key

The service API key is a unique identifier that is used to facilitate API authentication in an API request initiated by a service user. Service users are not allowed to sign in to the SSO Portal. They are service accounts that are used by applications to access the SSO Portal through the API. Each service API key is associated with a service account user. A service account user can be associated with up to 10 service API keys.

You can create service API keys for specific purposes. The service API key is the token key that you use in your command when executing the API call. You can create service users and service API keys for user management purposes. For example, you can create a service user called "SCIM delete user" and associate it with a service API key, so you can use the key to execute an API call to delete invalid users safely and to automate the cleanup process of invalid users. In this case, invalid users can be those who have left your company or those who are not allowed to log in to your system for specific reasons.

The Service API Key page lists the following for all the API keys you have configured:

• ID: The ID of the API key. This is the first 32 characters of the full service API key, which does not contain the secret of the key.
• NAME: The name of the API key.
• STATE: Indicates whether the API is currently Enabled, Disabled, or Expired. An enabled API key is available for use while an expired API key is no longer valid. You can enable a disabled key, but you cannot enable an expired key.
• EXPIRES AT: The timestamp when the API key will expire or has expired. 
• LAST USED AT: The timestamp when the API key was last used in an API operation. For troubleshooting purposes, this gives you an idea when the API key was last used in case of suspicious activities.
• CREATED AT: The timestamp when the API key was first created.
• UPDATED AT: The timestamp when the API key was last updated. 
• TYPE: The type of API keys. This can be one of the following:
  • Legacy: Legacy keys are user API keys that were automatically generated for signed-in user in previous releases. Infoblox will deprecate legacy keys in the near future. For information, see Configuring User API Keys.
  • Interactive: Interactive keys are user API keys that signed-in users created for themselves. All signed-in users are allowed to create user API keys for themselves. For information, see Configuring User API Keys. 
  • Service: Service API keys are API keys created for service account users. These keys are used to facilitate API authentication between devices. No signed-in users are involved in the API requests. 
• CREATED BY: The user who created this API key.
• UPDAETD BY: The user who last updated this API key.

You can do the following in this tab:

• Click  to select or deselect the columns to be displayed. You can also restore the settings to default.

• Click > Enable or select the check box for the respective key and click the Enable button to enable an API key.
• Click > Disable or select the check box for the respective key and click the Disable button to disable an API key.

• Click> Delete or select the respective key and click the Delete button to delete an API key.

• Select a key to view the details on the right-hand panel.  If you do not want to view the details, click .

• Enter the value that you want to search in the Search text box. The SSO Portal displays the list of records matching the keyword in the text box.

• Click  to filter the API keys by Name, State, and Type.

The following table lists the permissions required to perform tasks associated with service API key management:

You can also perform the following actions based on your permissions:

• Creating Service API Key
• Deleting Service API Key
• Enabling and Disabling Service API Key
• Migrating Legacy API Key to Service API Key